POSITION PURPOSE -
Do you want to be part of a thrilling revolution influenced by technology? The Home Depot is a $70 billion business-focused environment where you can contribute in a variety of functional areas covering all aspects of the consumer value chain. We are currently managing leading software packages and technology platforms to deliver creative results to our business partners and customers. We need people who understand how best to apply technologies to solve problems and develop innovative solutions. If you are looking for an opportunity to see instant, progressive, and substantial business benefits from your technology talents and experience, it's the perfect time to join The Home Depot.
The Lead Security Engineer utilizes solid business knowledge and expert technical experience of security to provide a secure information environment for the business. Assists in the investigations of high level, complex violations of Information Security Policies by analyzing forensic data from Sr. Analyst. Develop recommendations and take appropriate action. Develop and drive the Disaster Recovery and Business Continuity strategy. The purpose of the position is to provide effective Information Security services that: Continuously protect our critical information assets and brand name. Assure compliance with corporate and regulatory policies/standards & industry best practices. Simplify, enhance and enable business initiatives. Operates as a team lead providing technical direction to team members. May perform the function to automate access provisioning across supported systems and applications with documentation. May direct, define and provide audit reporting.
This is Senior level role that involves understanding the client, business and project requirements, and designing and deploying optimal security solutions that balance risk versus usability while meeting audit and compliance requirements. Create high quality operational documentation, including Visio diagrams, high-level descriptions of the environment, as well as detailed instructions outlining the steps required to repeat the build-out and configuration of the infrastructure. Day to day interaction with security technology providers, internal and external auditors, assessors, platform engineers (Windows, Unix and ESX) and Security Engineers with Security Operations groups. Work with internal customers and vendors in developing Business Requirement Specifications for new security engineering deployments and all security Proof of Concepts with vendors. Resource can expect to routinely be called upon to analyze and interpret results of security controls such as vulnerability scan reports, CIS hardening scan reports as well as provide recommendation for remediation of identified risks. Primary interface to security technology vendors such as Qualys, Symantec, RSA to name a few. Create or help create legally-binding statements of work (SOW), project scope documents, project plans, business cases, and formal technical solutions recommendations. Required to prepare recommendations and supporting details for formal proposals for security and compliance solutions. Current enterprise-class Systems Security Engineering experience within security domains such as Identity and Access Control Systems, Vulnerability Management Systems, File Integrity/Configuration Compliance systems, Critical Server Protection Systems, PKI/Encryption key management systems.
On- site and local perks:
Choose from a variety of benefit plans designed to meet your individual and family needs.
Take part in company Success Sharing - an incentive program based on sales performance.
Receive "Homer Awards" that lead to cash incentives for consistently demonstrating behaviors that reflect The Home Depot's values.
Work out at our on-site gym that offers classes and state- of- the- art equipment.
Eat at our on-site cafeteria that offers a plethora of options or enjoy discounts at neighborhood restaurants.
Pick up prescriptions on-site at the CVS pharmacy.
Bank On-site at our Credit Union.
Drop your child off at one of the largest corporate on-site daycare facilities.
MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES -
Lead investigation of high level complex violations of Information Security Policies and direct activity to analyze forensic data from Sr. Analysts. Develop recommendations and take appropriate action.
Present to Information Technology management development/implementation plan for secure solutions.
Present findings to manager on compliance reporting for Information Securities Policies.
Drive the Disaster Recovery and Business Continuity strategy.
Provide technical direction to analysts, associates and contractors.
Develop Information Security Policies, Standards and Guidelines.
Automate access provisioning across supported systems and applications with documentation. Direct, define and provide audit reporting.
NATURE AND SCOPE -
Typically reports to Manager, Information Technology
No associates report to this role on a permanent basis, but requires the leadership of a work group: assign and review work, train and contribute to performance appraisal (but not hiring, firing or disciplinary action).
ENVIRONMENTAL JOB REQUIREMENTS -
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Typically requires overnight travel less than 10% of the time.
MINIMUM QUALIFICATIONS -
Must be eighteen years of age or older.
Must pass the Drug Test.
Must successfully complete any required training or orientation courses.
EDUCATION REQUIRED -
The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED.
YEARS OF RELEVANT WORK EXPERIENCE -
PHYSICAL JOB REQUIREMENTS -
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
ADDITIONAL QUALIFICATIONS -
Direct hands-on experience with one or more of the following InfoSec solutions: Anti-Virus, intrusion detection, firewalls, content filtering, rick assessment.
PREFERRED QUALIFICATIONS -
Industry certifications - CISSP, CISM, CISA, PCI QSA, CCFE, GIAC, CCIE, CCSP, CBCP, ABCP, MBCP.
3+ years of experience performing audits/assessments against controls frameworks
1+ years of experience in network, system or application security design, implementation or support.
7-10 years of related experience.
BS Computer Science, Information Assurance or related field, MS a plus.
KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES -
Assessment tools, technologies and methods.
Designing secure network, systems and application architectures.
Disaster recovery, computer forensic tools, technologies and methods.
Planning, researching and developing security policies, standards and procedures.
System administration role with experience in supporting multiple platforms/applications.
Home Depot - 20 months ago
copy to clipboard
The Home Depot is the global leader in home improvement and fourth largest retailer in the world. Providing superior customer service and...